[ol9_appstream] tigervnc-server-minimal-1.14.1-1.el9_5.1.aarch64

The VNC system allows you to access the same desktop from a wide
variety of platforms. This package contains minimal installation
of TigerVNC server, allowing others to access the desktop on your
machine.

Changelog (Show File list) (Show related packages)

• Wed Feb 26 2025 Jan Grulich <jgrulich@redhat.com> - 1.14.1-1.1

  - Fix CVE-2025-26594 xorg-x11-server Use-after-free of the root cursor
    Resolves: RHEL-79406
  - Fix CVE-2025-26595 xorg-x11-server Buffer overflow in XkbVModMaskText()
    Resolves: RHEL-80018
  - Fix CVE-2025-26596 xorg-x11-server Heap overflow in XkbWriteKeySyms()
    Resolves: RHEL-79391
  - Fix CVE-2025-26597 xorg-x11-server Buffer overflow in XkbChangeTypesOfKey()
    Resolves: RHEL-80029
  - Fix CVE-2025-26598 xorg-x11-server Out-of-bounds write in CreatePointerBarrierClient()
    Resolves: RHEL-79374
  - Fix CVE-2025-26599 xorg-x11-server Use of uninitialized pointer in compRedirectWindow()
    Resolves: RHEL-80043
  - Fix CVE-2025-26600 xorg-x11-server Use-after-free in PlayReleasedEvents()
    Resolves: RHEL-80037
  - Fix CVE-2025-26601 xorg-x11-server Use-after-free in SyncInitTrigger()
    Resolves: RHEL-79353

• Fri Nov 08 2024 Jan Grulich <jgrulich@redhat.com> - 1.14.1-1

  - 1.14.1
    Resolves: RHEL-66600
  - Fix CVE-2024-9632: xorg-x11-server: heap-based buffer overflow privilege escalation vulnerability
    Resolves: RHEL-62000

• Mon Aug 05 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-11

  - vncsession: use /bin/sh if the user shell is not set
    Resolves: RHEL-50679

• Tue May 28 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-10

  - vncconfig: add option to force view-only remote client connections
    Resolves: RHEL-12144

• Tue Apr 16 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-9

  - Fix CVE-2024-31080 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents
    Resolves: RHEL-30756
  - Fix CVE-2024-31083 tigervnc: xorg-x11-server: User-after-free in ProcRenderAddGlyphs
    Resolves: RHEL-30768
  - Fix CVE-2024-31081 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice
    Resolves: RHEL-30762

• Wed Feb 07 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-8

  - Fix copy/paste error in the DeviceStateNotify
    Resolves: RHEL-20533

• Mon Jan 22 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-7

  - Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice
    Resolves: RHEL-20389
  - Fix CVE-2024-21885 tigervnc: xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent
    Resolves: RHEL-20383
  - Fix CVE-2024-0229 tigervnc: xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access
    Resolves: RHEL-20533
  - Fix CVE-2023-6816 tigervnc: xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer
    Resolves: RHEL-21213

• Mon Jan 08 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-6

  - Use dup() to get available file descriptor when using -inetd option
    Resolves: RHEL-19858

• Mon Dec 18 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-5

  - Fix CVE-2023-6377 tigervnc: xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions
    Resolves: RHEL-18414
  - Fix CVE-2023-6478 tigervnc: xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty
    Resolves: RHEL-18426

• Wed Nov 01 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-4

  - Fix CVE-2023-5380 tigervnc: xorg-x11-server: Use-after-free bug in DestroyWindow
    Resolves: RHEL-15237
  
  - Fix CVE-2023-5367 tigervnc: xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty
    Resolves: RHEL-15249